Welcome!
Important information
-- Spectre and Meltdown vulnerabilities
-- Change in MX sources

News
-- MX Linux on social media: here
-- Mepis support still here

Current releases
-- MX-17.1 Final release info here
-- antiX-17 release info here

New users
-- Please read this first, and don't forget to add system and hardware information to posts!
-- Here are the Forum Rules

Infected MX-16.1

For help or questions about 64-bit version of MEPIS, this is the forum to use.
Message
Author
User avatar
namida12
Forum Guide
Forum Guide
Posts: 1770
Joined: Sun Apr 01, 2007 4:54 pm

Infected MX-16.1

#1 Post by namida12 » Wed Jun 28, 2017 5:19 pm

Several days ago with Google Chrome I was on looking at the yahoo main page, and went to sign into Yahoo email, and ublock (Advertising blocker) posted a popped up with a warning that the site was blocked because of reported malware. (Yahoo email login was blocked). For several days this wanting popped up, using Firefox I could sign into email...

Today, I went to yahoo email logon, in Firefox and my system froze and to pull electrical plug from wall. I left machine unplugged for a while and then connected the electricity and system booted up normally. Using Firefox the system locked up again, remove power have booted from flash drive, since I got a popup in Google Chrome see attached. closing Google Chrome getting redirects and pages that will not load on my system.

I am going to save my photos, AntiX & MX torrents, and format the drive and do a new install, apparently have some kind of infection/malware on this system I can not find and clean...

See screen capture, from GoogleChrome
You do not have the required permissions to view the files attached to this post.

User avatar
Adrian
Forum Veteran
Forum Veteran
Posts: 8459
Joined: Wed Jul 12, 2006 1:42 am

Re: Infected MX-16.1

#2 Post by Adrian » Wed Jun 28, 2017 5:54 pm

Reset the browsers settings, for Firefox wipe the .mozilla account (save your bookmarks first) for Chrome use the Reset button: https://support.google.com/chrome/answer/3296214?hl=en (you might have to search in Settings for "reset"). Most likely it's the browsers that got "infected" not the OS.

Next time if you get a warning that a site was blocked because of malware don't use another browser to get around it.


User avatar
Stevo
Forum Veteran
Forum Veteran
Posts: 15794
Joined: Fri Dec 15, 2006 8:07 pm

Re: Infected MX-16.1

#4 Post by Stevo » Wed Jun 28, 2017 8:06 pm

You first might want to create another user just to make sure that the browsers are still running fine for that user, staying away from Yahoo.

If so, then it's very probably just your profiles that are infected.

But seriously, Yahoo has had very lax security in the past, suffered several major breaches, and seemingly learned nothing from the experiences. You should have left them behind loooooong ago.

User avatar
namida12
Forum Guide
Forum Guide
Posts: 1770
Joined: Sun Apr 01, 2007 4:54 pm

Re: Infected MX-16.1

#5 Post by namida12 » Wed Jun 28, 2017 9:20 pm

Adrian wrote:Reset the browsers settings, for Firefox wipe the .mozilla account (save your bookmarks first) for Chrome use the Reset button: https://support.google.com/chrome/answer/3296214?hl=en (you might have to search in Settings for "reset"). Most likely it's the browsers that got "infected" not the OS.

Next time if you get a warning that a site was blocked because of malware don't use another browser to get around it.
Stevo wrote:You first might want to create another user just to make sure that the browsers are still running fine for that user, staying away from Yahoo.

If so, then it's very probably just your profiles that are infected.

But seriously, Yahoo has had very lax security in the past, suffered several major breaches, and seemingly learned nothing from the experiences. You should have left them behind loooooong ago.
Thanks Adrian, and Stevo,

I have occasionally had a popup appear over the years in Mepis, AntiX, and MX but this is the first time I needed to pull the electric cord, and it was still there after a reboot. I use yahoo for my junk gathering and bicycle email, but guess i need another tight free email as I do no want to use my ISP... Rocket mail is owned by yahoo might there be another free email service not as dangerous as Yahoo...

User avatar
uncle mark
Forum Veteran
Forum Veteran
Posts: 4966
Joined: Sat Nov 11, 2006 10:42 pm

Re: Infected MX-16.1

#6 Post by uncle mark » Wed Jun 28, 2017 9:51 pm

Just use Bleachbit to clear the browser cache, cookies, and history. You may lose your remembered login names and passwords. It's not an "infection" in any conventional sense of the word. It's a persistent web bug served up by an infected web site. Neither your OS or data is compromised or at risk.
Desktop: Custom build Asus/AMD/nVidia -- MEPIS 11
Laptop: Acer Aspire 5250 -- MX-15
Assorted junk: assorted Linuxes

User avatar
entropyfoe
Forum Regular
Forum Regular
Posts: 785
Joined: Thu Apr 19, 2007 11:42 am

Re: Infected MX-16.1

#7 Post by entropyfoe » Wed Jun 28, 2017 10:27 pm

Yup, Linux and MX are pretty secure. Most threats come in through applications, browsers, java scripts, etc.

One big help on all platforms is to install noscript in firefox.
Most of these attacks start with some script running in your machine.

noscript blocks all by default. Now to use Yahoo, you would probably have to allow scripts from yahoo, but it was probably in the host of third party scripts that want to run on your machine, and usually on commercial sites is is dozens.

For me, just one more layer of defense.
Asus Prime 370X-Pro
AMD Ryzen 1600X (6 cores @ 3.6 GHz)
16 Gig DDR4 3200 (G Skill)
Nvidia -MSI GeForce GT 710 fanless
Samsung 960 NVMe SSD nvme0n1 P1,P2, and P3=MX-17.1, P4=antiX-17
1TB SSD sda1= Data, 2TB WD =backups
on-board ethernet & sound

User avatar
timkb4cq
Forum Veteran
Forum Veteran
Posts: 4264
Joined: Wed Jul 12, 2006 4:05 pm

Re: Infected MX-16.1

#8 Post by timkb4cq » Thu Jun 29, 2017 12:32 am

If you want to safely keep using your Yahoo email address, set up Thunderbird to access it via imap instead of using the web portal.
MSI 970A-G43 MB, AMD FX-6300 (six core), 16GB RAM, GeForce 730, Samsung 850 EVO 250GB SSD, Seagate Barracuda XT 3TB

User avatar
Leo
Forum Regular
Forum Regular
Posts: 220
Joined: Wed Jul 12, 2006 8:25 am

Re: Infected MX-16.1

#9 Post by Leo » Thu Jun 29, 2017 8:41 am

Huh...I've had Yahoo! as my home page and used yahoo mail for almost 20 years, and haven't really had any problems. In reading this, I guess I've been very lucky...

:needcoffee:
There are exceptions to every rule...
and I know I'm exceptional... :lion2:
:linuxlove:
Linux user #415188
Linux machine #446574
Athlon 64 3400+, nVidia FX 5500, 2GB, MX-16

User avatar
richb
Administrator
Posts: 16915
Joined: Wed Jul 12, 2006 2:17 pm

Re: Infected MX-16.1

#10 Post by richb » Thu Jun 29, 2017 8:50 am

I had issues with yahoo mail users who had registration problems. Replies to them from forumadmin were blocked so I could not communicate with them with that account. Yahoo thought we were spammers.
Forum Rules
Guide - How to Ask for Help

Rich
SSD Production: MX 17.1
AMD A8 7600 FM2+ CPU R7 Graphics, 16 GIG Mem. Three Samsung EVO SSD's 250 GB, 350 GB HD

Post Reply

Return to “64-bit Regulars”